DEV Community

Rodrigo Fernandes
Rodrigo Fernandes

Posted on

Bastion Host

#aws #devops #security #cloud

Anotações sobre o Bastion Host para ajudar na preparação das certificações AWS.

Até o momento as anotações são para as certificações abaixo:

Image description

Anotações gerais

  • Instância sempre na Subnet Publica

SSH Agent Forwarding

Documentação oficial

  • Copiar a public key para as instâncias que serão acessadas

Step 1: Create Public/Private Key in Remote Client EC2

ssh-keygen
Enter fullscreen mode Exit fullscreen mode

Step 2: Setup Authentication

  • Copy the contents of public key form remote-client to the 
~/.ssh/authorized_keys file of both Bastion and Private EC2.
Enter fullscreen mode Exit fullscreen mode

Step 3: Use SSH Agent Forwarding

  • Run the following commands on the remote-client EC2 instance

Image description

Step 4: Test the Setup

  • From remote-client EC2, run the following command: 
ssh -A [BASTION-EC2-IP]
Enter fullscreen mode Exit fullscreen mode
  • Once you are logged into Bastion, try to connect to Private EC2 
ssh [IP-OF-PRIVATE-EC2]
Enter fullscreen mode Exit fullscreen mode

How to Record SSH Sessions Established Through a Bastion Host

Documentação oficial

Referências

Top comments (0)

Read next

notharshhaa profile image

50 DevOps Project Ideas to Build Your Skills: From Beginner to Advanced

H A R S H H A A -

rsiv profile image

Bringing declarative infrastructure to developers

Rak -

takuma818t profile image

Lambda Performance Evaluation: The Relationship Between Memory and Internal vCPU Architecture, and Their Comparison

takuma818t -

ianbrumby profile image

Effortless Debugging: AWS CDK TypeScript Projects in VSCode

Ian -